WPS: Set EAPOL workarounds dynamically based on association

Previously, the shorter startWhen value was used based on build
parameters (i.e., if WPS was enabled). This is not really ideal and the
knowledge of WPS use can be provided to the EAPOL state machine to allow
this (and similar WPS workarounds) to be done only when the association
is for the purpose of WPS.

Reduce the default startWhen value from 3 to 2 seconds for non-WPS case
since WPS builds have likely received most testing for the past years
with the 1 second value and there is no strong justification for forcing
the longer 3 second wait should a frame be lost or something else
require the EAPOL-Start to initiate operation after a connection.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
This commit is contained in:
Jouni Malinen 2014-09-08 16:49:08 +03:00 committed by Jouni Malinen
parent 8511a0f67b
commit b08d5fa793
3 changed files with 16 additions and 7 deletions

View file

@ -255,12 +255,14 @@ SM_STATE(SUPP_PAE, CONNECTING)
* delay authentication. Use a short timeout to send the first * delay authentication. Use a short timeout to send the first
* EAPOL-Start if Authenticator does not start authentication. * EAPOL-Start if Authenticator does not start authentication.
*/ */
#ifdef CONFIG_WPS if (sm->conf.wps) {
/* Reduce latency on starting WPS negotiation. */ /* Reduce latency on starting WPS negotiation. */
sm->startWhen = 1; wpa_printf(MSG_DEBUG,
#else /* CONFIG_WPS */ "EAPOL: Using shorter startWhen for WPS");
sm->startWhen = 3; sm->startWhen = 1;
#endif /* CONFIG_WPS */ } else {
sm->startWhen = 2;
}
} }
eapol_enable_timer_tick(sm); eapol_enable_timer_tick(sm);
sm->eapolEap = FALSE; sm->eapolEap = FALSE;
@ -1242,7 +1244,7 @@ int eapol_sm_rx_eapol(struct eapol_sm *sm, const u8 *src, const u8 *buf,
return 0; return 0;
} }
#ifdef CONFIG_WPS #ifdef CONFIG_WPS
if (sm->conf.workaround && if (sm->conf.wps && sm->conf.workaround &&
plen < len - sizeof(*hdr) && plen < len - sizeof(*hdr) &&
hdr->type == IEEE802_1X_TYPE_EAP_PACKET && hdr->type == IEEE802_1X_TYPE_EAP_PACKET &&
len - sizeof(*hdr) > sizeof(struct eap_hdr)) { len - sizeof(*hdr) > sizeof(struct eap_hdr)) {
@ -1491,6 +1493,7 @@ void eapol_sm_notify_config(struct eapol_sm *sm,
sm->conf.required_keys = conf->required_keys; sm->conf.required_keys = conf->required_keys;
sm->conf.fast_reauth = conf->fast_reauth; sm->conf.fast_reauth = conf->fast_reauth;
sm->conf.workaround = conf->workaround; sm->conf.workaround = conf->workaround;
sm->conf.wps = conf->wps;
#ifdef CONFIG_EAP_PROXY #ifdef CONFIG_EAP_PROXY
if (sm->use_eap_proxy) { if (sm->use_eap_proxy) {
/* Using EAP Proxy, so skip EAP state machine update */ /* Using EAP Proxy, so skip EAP state machine update */

View file

@ -58,6 +58,11 @@ struct eapol_config {
* external_sim - Use external processing for SIM/USIM operations * external_sim - Use external processing for SIM/USIM operations
*/ */
int external_sim; int external_sim;
/**
* wps - Whether this connection is used for WPS
*/
int wps;
}; };
struct eapol_sm; struct eapol_sm;

View file

@ -297,6 +297,7 @@ void wpa_supplicant_initiate_eapol(struct wpa_supplicant *wpa_s)
wpa_s->key_mgmt != WPA_KEY_MGMT_IEEE8021X_NO_WPA && wpa_s->key_mgmt != WPA_KEY_MGMT_IEEE8021X_NO_WPA &&
wpa_s->key_mgmt != WPA_KEY_MGMT_WPS; wpa_s->key_mgmt != WPA_KEY_MGMT_WPS;
eapol_conf.external_sim = wpa_s->conf->external_sim; eapol_conf.external_sim = wpa_s->conf->external_sim;
eapol_conf.wps = wpa_s->key_mgmt == WPA_KEY_MGMT_WPS;
eapol_sm_notify_config(wpa_s->eapol, &ssid->eap, &eapol_conf); eapol_sm_notify_config(wpa_s->eapol, &ssid->eap, &eapol_conf);
#endif /* IEEE8021X_EAPOL */ #endif /* IEEE8021X_EAPOL */